﻿namespace Yipusoft.Account.DAL
{
    using System;
    using System.Collections.Generic;
    using System.Data;
    using System.Data.SqlClient;
    using Yipusoft.Account.DBUtility;
    using Yipusoft.Account.Model;

    public class User
    {
        public bool AddRole(string UserID, string RoleID)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50), new SqlParameter("@RoleID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            commandParameters[1].Value = RoleID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return (SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_AddRole", commandParameters) > 0);
            }
        }

        public string AddSec(string M_Info)
        {
            int length = M_Info.Length;
            int num2 = 0;
            string str = "";
            string str2 = "";
            if (length != 0)
            {
                int num3;
                for (int i = 0; i < length; i++)
                {
                    num2 += Convert.ToChar(M_Info.Substring((length - i) - 1, 1).ToString());
                }
                num2 *= 2;
                for (int j = 0; j < length; j++)
                {
                    num3 = num2 % 0x1a;
                    num2 -= Convert.ToChar(M_Info.Substring((length - j) - 1, 1).ToString());
                    str = str + Convert.ToChar((int) (0x41 + num3));
                }
                int num6 = 12 - length;
                num2 *= 3;
                for (int k = 0; k < num6; k++)
                {
                    num3 = num2 % 0x1a;
                    num2 -= num3 * 3;
                    str2 = str2 + Convert.ToChar((int) (0x41 + num3));
                }
                return (str2 + str);
            }
            return "";
        }

        public bool Delete(string UserID)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return (SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_Delete", commandParameters) > 0);
            }
        }

        public bool Exsits(string UserID)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_Exsits", commandParameters).Read();
            }
        }

        public List<UserInfo> GetList(string StrWhere)
        {
            List<UserInfo> list = new List<UserInfo>();
            UserInfo item = null;
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@StrWhere", SqlDbType.NVarChar, 0xfa0) };
            commandParameters[0].Value = StrWhere;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_GetList", commandParameters);
                while (reader.Read())
                {
                    item = new UserInfo();
                    item.UserID = reader.GetString(0);
                    item.UserName = reader.GetString(1);
                    item.Password = reader.GetString(2);
                    item.DepartmentID = reader.GetString(3);
                    item.TimeLastLogin = reader.GetDateTime(4);
                    item.IPLastLogin = reader.GetString(5);
                    item.TimeRegister = reader.GetDateTime(6);
                    item.State = reader.GetInt32(7);
                    list.Add(item);
                }
                return list;
            }
        }

        public List<MenuInfo> GetMenuList(string UserID)
        {
            List<MenuInfo> list = new List<MenuInfo>();
            MenuInfo item = null;
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_GetMenuList", commandParameters);
                while (reader.Read())
                {
                    item = new MenuInfo();
                    item.MenuID = reader.GetString(0);
                    item.ParentID = reader.GetString(1);
                    item.MenuLevel = reader.GetInt32(2);
                    item.MenuName = reader.GetString(3);
                    item.MenuUrl = reader.GetString(4);
                    item.IsBlank = reader.GetBoolean(5);
                    item.MenuImage = reader.GetString(6);
                    item.SeqID = reader.GetInt32(7);
                    item.Description = reader.GetString(8);
                    list.Add(item);
                }
                return list;
            }
        }

        public UserInfo GetOAUserInfo(string userId, string password)
        {
            UserInfo info = new UserInfo();
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserId", SqlDbType.NVarChar, 50), new SqlParameter("@Password", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = userId;
            commandParameters[1].Value = this.AddSec(password);
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING_OA))
            {
                string commandText = "select * from account where email=@userid and password=@password ";
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.Text, commandText, commandParameters);
                if (reader.Read())
                {
                    info.DepartmentID = reader["aid"].ToString().Substring(0, 5);
                    info.UserID = reader["Email"].ToString();
                    info.UserName = reader["Name"].ToString();
                    info.Password = password;
                }
                return info;
            }
        }

        public List<PermissionInfo> GetPermissionList(string UserID)
        {
            List<PermissionInfo> list = new List<PermissionInfo>();
            PermissionInfo item = null;
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_GetPermissionList", commandParameters);
                while (reader.Read())
                {
                    item = new PermissionInfo();
                    item.PermissionID = reader.GetString(0);
                    item.PermissionName = reader.GetString(1);
                    item.CategoryID = reader.GetString(2);
                    item.Description = reader.GetString(3);
                    list.Add(item);
                }
                return list;
            }
        }

        public List<RoleInfo> GetRoleList(string UserID)
        {
            List<RoleInfo> list = new List<RoleInfo>();
            RoleInfo item = null;
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_GetRoleList", commandParameters);
                while (reader.Read())
                {
                    item = new RoleInfo();
                    item.RoleID = reader.GetString(0);
                    item.RoleName = reader.GetString(1);
                    item.IsSystem = reader.GetBoolean(2);
                    item.Description = reader.GetString(3);
                    list.Add(item);
                }
                return list;
            }
        }

        public UserInfo GetUser(string UserID)
        {
            UserInfo info = null;
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlDataReader reader = SqlHelper.ExecuteReader(connection, CommandType.StoredProcedure, "Account_Users_GetDetail", commandParameters);
                if (reader.Read())
                {
                    info = new UserInfo();
                    info.UserID = reader.GetString(0);
                    info.UserName = reader.GetString(1);
                    info.Password = reader.GetString(2);
                    info.DepartmentID = reader.GetString(3);
                    info.TimeLastLogin = reader.GetDateTime(4);
                    info.IPLastLogin = reader.GetString(5);
                    info.TimeRegister = reader.GetDateTime(6);
                    info.State = reader.GetInt32(7);
                }
                return info;
            }
        }

        public bool Insert(UserInfo User)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50), new SqlParameter("@UserName", SqlDbType.NVarChar, 50), new SqlParameter("@Password", SqlDbType.NVarChar, 50), new SqlParameter("@DepartmentID", SqlDbType.NVarChar, 50), new SqlParameter("@TimeLastLogin", SqlDbType.DateTime), new SqlParameter("@IPLastLogin", SqlDbType.NVarChar, 50), new SqlParameter("@TimeRegister", SqlDbType.DateTime), new SqlParameter("@State", SqlDbType.Int) };
            commandParameters[0].Value = User.UserID;
            commandParameters[1].Value = User.UserName;
            commandParameters[2].Value = User.Password;
            commandParameters[3].Value = User.DepartmentID;
            commandParameters[4].Value = User.TimeLastLogin;
            commandParameters[5].Value = User.IPLastLogin;
            commandParameters[6].Value = User.TimeRegister;
            commandParameters[7].Value = User.State;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return (SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_Insert", commandParameters) > 0);
            }
        }

        public bool RemoveRole(string UserID, string RoleID)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50), new SqlParameter("@RoleID", SqlDbType.NVarChar, 50) };
            commandParameters[0].Value = UserID;
            commandParameters[1].Value = RoleID;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return (SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_RemoveRole", commandParameters) > 0);
            }
        }

        public bool Update(UserInfo User)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@UserID", SqlDbType.NVarChar, 50), new SqlParameter("@UserName", SqlDbType.NVarChar, 50), new SqlParameter("@Password", SqlDbType.NVarChar, 50), new SqlParameter("@DepartmentID", SqlDbType.NVarChar, 50), new SqlParameter("@TimeLastLogin", SqlDbType.DateTime), new SqlParameter("@IPLastLogin", SqlDbType.NVarChar, 50), new SqlParameter("@TimeRegister", SqlDbType.DateTime), new SqlParameter("@State", SqlDbType.Int) };
            commandParameters[0].Value = User.UserID;
            commandParameters[1].Value = User.UserName;
            commandParameters[2].Value = User.Password;
            commandParameters[3].Value = User.DepartmentID;
            commandParameters[4].Value = User.TimeLastLogin;
            commandParameters[5].Value = User.IPLastLogin;
            commandParameters[6].Value = User.TimeRegister;
            commandParameters[7].Value = User.State;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                return (SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_Update", commandParameters) > 0);
            }
        }

        public int ValidateLogin(string UserID, string Password)
        {
            SqlParameter[] commandParameters = new SqlParameter[] { new SqlParameter("@Flag", SqlDbType.Int), new SqlParameter("@UserID", SqlDbType.NVarChar, 50), new SqlParameter("@Password", SqlDbType.NVarChar, 50) };
            commandParameters[0].Direction = ParameterDirection.Output;
            commandParameters[1].Value = UserID;
            commandParameters[2].Value = Password;
            using (SqlConnection connection = new SqlConnection(SqlHelper.CONN_STRING))
            {
                SqlHelper.ExecuteNonQuery(connection, CommandType.StoredProcedure, "Account_Users_ValidateLogin", commandParameters);
                return (int) commandParameters[0].Value;
            }
        }
    }
}

